Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Old 07-01-2015, 06:47 PM   #16
JaseP
Senior Member
 
Registered: Jun 2002
Location: Eastern PA, USA
Distribution: K/Ubuntu 18.04-14.04, Scientific Linux 6.3-6.4, Android-x86, Pretty much all distros at one point...
Posts: 1,802

Rep: Reputation: 157

If you want to monitor traffic to/from a machine,... You are essentially going to have to "Man-in-the-middle" yourself on your network and do some packet inspection (more effective from a machine monitoring traffic to/from your router). If you wanted to inspect packets from the machine, and suspected foul play, you couldn't trust the machine enough to run, say... Wireshark, on it and expect that you're catching all the traffic (although it'd have to be a pretty good hack job to renumber your packet IDs on the fly, well enough that you couldn't catch it).

The following explains how you could capture traffic to/from a mobile device:
https://wiki.wireshark.org/CaptureSetup/WLAN
 
Old 07-01-2015, 07:11 PM   #17
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Original Poster
Rep: Reputation: 57
I'm confused. Where does the linked site say that the intercepting device playing the role of the man in the middle can be mobile, in other words a second smartphone or pad? The operating systems mentioned in the site are desktop ones.

Maybe carrying a Linux laptop with a 3G card and wifi is the only safe way to intercept or monitor smartphone wifi transmissions going to the internet. Maybe a netbook that takes a 3G card and BSD.
 
Old 07-02-2015, 12:46 AM   #18
JaseP
Senior Member
 
Registered: Jun 2002
Location: Eastern PA, USA
Distribution: K/Ubuntu 18.04-14.04, Scientific Linux 6.3-6.4, Android-x86, Pretty much all distros at one point...
Posts: 1,802

Rep: Reputation: 157
It talks about "Monitor Mode" in the article.

Here's more about it...

https://ask.wireshark.org/questions/...nother-machine

Beyond using Wireshark, you might consider looking to see if your router is set to capture logs of the IP addresses it connects to. If you know your device's IP within the NAT (typically 192.168.0.XXXX, where XXXX is the device's assigned IP), you can look to see what it connected to. Then do an IP look-up on those external addresses...
 
Old 07-02-2015, 05:34 AM   #19
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Original Poster
Rep: Reputation: 57
So you're recommending monitoring a pad or smartphone using a desktop pc or laptop right? If so, why not just use your pc or laptop that you trust?

We want to use a mobile device when mobile, how do we monitor that?

Last edited by Ulysses_; 07-02-2015 at 05:38 AM.
 
Old 07-02-2015, 01:47 PM   #20
JaseP
Senior Member
 
Registered: Jun 2002
Location: Eastern PA, USA
Distribution: K/Ubuntu 18.04-14.04, Scientific Linux 6.3-6.4, Android-x86, Pretty much all distros at one point...
Posts: 1,802

Rep: Reputation: 157
I don't know of any mobile equivalent to Wireshark. If you want to know what traffic is being sent, you are going to need to monitor it from somewhere. That means a PC set up to observe the traffic to/from the device you are using (and something like Wireshark's "monitor" function). If you don't see anything that looks like what you fear is being sent,... then you can "safely" take off your tin foil hat...

Keep in mind that mobile devices are going to transmit data/voice over their cell chipset, in addition to wifi/BT... And cell signals can be compromised in all sorts of ways (very insecure,... or, more appropriately, "security through obscurity"). That's why Richard Stallman doesn't use a cell phone...

Bottom line is that unless all your traffic is being sent encrypted, then you can safely assume it's being intercepted by the NSA, et al. Even if it is being encrypted, they're still capturing it,... They just probably don't care enough about you to bother decrypting it.
 
1 members found this post helpful.
Old 07-02-2015, 03:19 PM   #21
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian, Arch
Posts: 3,781

Rep: Reputation: 2081
Quote:
Originally Posted by Ulysses_ View Post
Isn't it suspicious that the best understood architecture in the world is never or almost never used on smartphones?
The x86 instruction set is pretty horrible, it has all sorts of useless backward compat instructions that are hardly used, ASCII Adjust After Addition and a bunch of other BCD instructions, the old (80 bit!) floating point instructions, and variable length instruction encoding which makes disassembly much more difficult (of course it makes the decoding and executing more difficult as well).

http://www.utd.edu/~hamlen/wartell-pkdd11.pdf

Quote:
x86 permits interleaving of code and static data within a section and
uses variable-length, unaligned instruction encodings. This trades
simplicity for brevity and speed, since more common instructions can
be assigned shorter encodings by architecture designers. An
unfortunate consequence, however, is that hidden instructions can be
concealed within x86 binaries by including jump instructions that
target the interior of another instruction's encoding, or that target
bytes that resemble data. This causes these bytes to be interpreted as
code at runtime, executing code that does not appear in the
disassembly. Malicious code is therefore much easier to conceal in x86
binaries than in other formats.
 
1 members found this post helpful.
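The quoted passage says a jump can land inside another instruction's encoding, so a linear disassembly never shows the bytes that actually execute. The following is an added illustration, not code from the thread or from the cited paper: a toy decoder that understands only the six 32-bit x86 opcodes in one constructed byte sequence (jmp rel8, inc eax, dec eax, nop, ret, and the C0 shift group), and two ways of walking that sequence. A linear sweep from offset 0 reports a jump followed by one harmless-looking `ror`, while following the jump's target reveals `inc eax`, `dec eax`, `nop`, `ret` hidden at offset 1. A real analysis tool would use a full decoder; the point is that the walk strategy, not the decoder, decides what you see.

```python
# Constructed sample: "EB FF" is a 2-byte short jump whose target is its own
# second byte (offset 2 + (-1) = 1). From offset 1 the bytes read
# FF C0 / 48 / 90 / C3 = inc eax / dec eax / nop / ret.
SAMPLE = bytes.fromhex("eb ff c0 48 90 c3")

REGS32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]
SHIFT_GROUP = ["rol", "ror", "rcl", "rcr", "shl", "shr", "sal", "sar"]


def _rel8(b):
    """Interpret a byte as a signed 8-bit displacement."""
    return b - 256 if b >= 0x80 else b


def decode_one(code, off):
    """Decode one instruction at `off`; return (text, length, jump_target_or_None).

    Toy decoder: handles only the opcodes present in SAMPLE (assumption).
    """
    op = code[off]
    if op == 0x90:
        return "nop", 1, None
    if op == 0xC3:
        return "ret", 1, None
    if op == 0x48:                                    # 32-bit mode: dec eax
        return "dec eax", 1, None
    if op == 0xEB:                                    # jmp short rel8
        target = off + 2 + _rel8(code[off + 1])
        return f"jmp short {target:#x}", 2, target
    if op == 0xFF and code[off + 1] == 0xC0:          # FF /0, modrm 11 000 000
        return "inc eax", 2, None
    if op == 0xC0:                                    # shift group, r/m8, imm8
        modrm = code[off + 1]
        mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
        if mod == 1 and rm != 4:                      # [reg + disp8], no SIB byte
            disp = _rel8(code[off + 2])
            imm = code[off + 3]
            return f"{SHIFT_GROUP[reg]} byte [{REGS32[rm]}{disp:+#x}], {imm:#x}", 4, None
    raise ValueError(f"toy decoder: unsupported opcode {op:#x} at {off:#x}")


def linear_sweep(code, start=0):
    """Decode consecutively from `start`, as a naive disassembler would."""
    out, off = [], start
    while off < len(code):
        text, length, _ = decode_one(code, off)
        out.append((off, text))
        off += length
    return out


def follow_control_flow(code, start=0):
    """Decode by following jump targets (recursive traversal), stopping at ret."""
    out, off, seen = [], start, set()
    while off < len(code) and off not in seen:
        seen.add(off)
        text, length, target = decode_one(code, off)
        out.append((off, text))
        if text == "ret":
            break
        off = target if target is not None else off + length
    return out


if __name__ == "__main__":
    print("linear sweep from 0:")
    for off, text in linear_sweep(SAMPLE):
        print(f"  {off:#04x}: {text}")
    print("following control flow from 0:")
    for off, text in follow_control_flow(SAMPLE):
        print(f"  {off:#04x}: {text}")
```

The linear sweep consumes the same bytes as one `ror byte [eax-0x70], 0xc3` because 0xC0 takes a modrm byte, a displacement and an immediate, swallowing the `dec`, `nop` and `ret` that the jump actually reaches. This is why disassemblers for x86 combine recursive traversal with heuristics, and why a defender reviewing a suspicious binary should distrust a single linear listing.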
Old 07-02-2015, 04:28 PM   #22
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Original Poster
Rep: Reputation: 57
Just found that you can build a modified Android from the sources with something like this:

https://wiki.cyanogenmod.org/w/Build_for_jflte

In case of spying features hidden in the chips, how about having two smartphones:

- one with the cellphone antenna ripped out and only wifi working, and

- the other set up as a gateway from wifi to GSM/3G and as a monitoring device (someone must have ported Wireshark to Android or ported similar monitoring software).

And instead of using the browser, use a VNC connection to your PC at home, over the internet, going through the monitoring smartphone.

Then spying chips in smartphone 1 sending traffic to third parties will be revealed by smartphone 2.

Last edited by Ulysses_; 07-02-2015 at 04:32 PM.
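JaseP's suggestion in post #18 (read the router's log of what the device's NAT address connected to, then look up the external addresses) and the two-phone setup in post #22 (the only expected upstream destination is the home PC reached over VNC) come down to the same check: take the gateway's connection log, keep the flows from the device under suspicion, drop LAN-internal traffic, and report every external destination that is not on the allow-list. The script below is an added example, not code from this thread. The log lines are constructed in the format of the Linux iptables LOG target (a common format for router firewall logs; the device IP 192.168.0.23 and the home VNC server 203.0.113.10 are made-up values, and RFC 5737 documentation ranges stand in for "external" addresses).

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in iptables LOG format (not real router output).
# 192.168.0.23 is the phone; 203.0.113.10 plays the home PC reached over VNC (port 5900).
SAMPLE_LOG = """\
Jul  2 12:46:01 router kernel: FORWARD IN=br0 OUT=ppp0 SRC=192.168.0.23 DST=203.0.113.10 PROTO=TCP SPT=51234 DPT=5900
Jul  2 12:46:03 router kernel: FORWARD IN=br0 OUT=ppp0 SRC=192.168.0.23 DST=203.0.113.10 PROTO=TCP SPT=51235 DPT=5900
Jul  2 12:46:09 router kernel: FORWARD IN=br0 OUT=ppp0 SRC=192.168.0.23 DST=198.51.100.77 PROTO=UDP SPT=40001 DPT=53
Jul  2 12:46:20 router kernel: FORWARD IN=br0 OUT=ppp0 SRC=192.168.0.23 DST=192.0.2.200 PROTO=TCP SPT=51240 DPT=443
Jul  2 12:46:21 router kernel: FORWARD IN=br0 OUT=ppp0 SRC=192.168.0.23 DST=192.0.2.200 PROTO=TCP SPT=51241 DPT=443
Jul  2 12:46:25 router kernel: FORWARD IN=br0 OUT=ppp0 SRC=192.168.0.50 DST=192.0.2.9 PROTO=TCP SPT=33001 DPT=80
Jul  2 12:46:30 router kernel: FORWARD IN=br0 OUT=br0 SRC=192.168.0.23 DST=192.168.0.1 PROTO=UDP SPT=40002 DPT=53
"""

# Field order follows the iptables LOG target; SPT is absent for ICMP, so it is optional.
FIELD_RE = re.compile(
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) PROTO=(?P<proto>\S+)(?: SPT=\d+)? DPT=(?P<dpt>\d+)"
)


def parse_log(text):
    """Extract (src, dst, proto, dpt) from every line that carries the LOG fields."""
    flows = []
    for line in text.splitlines():
        m = FIELD_RE.search(line)
        if m:
            flows.append(m.groupdict())
    return flows


def unexpected_destinations(flows, device_ip, lan, allowed):
    """Count external (dst, proto, port) tuples the device reached that are not allow-listed.

    `lan` is an ip_network; anything inside it (the router's own DNS, other LAN hosts)
    is not upstream leakage and is skipped. `allowed` is a set of external IP strings.
    """
    counts = Counter()
    for f in flows:
        if f["src"] != device_ip:
            continue
        if ipaddress.ip_address(f["dst"]) in lan:
            continue
        if f["dst"] in allowed:
            continue
        counts[(f["dst"], f["proto"], int(f["dpt"]))] += 1
    return dict(counts)


def report(text, device_ip, lan_cidr, allowed):
    """Convenience wrapper: returns the findings sorted by hit count, most frequent first."""
    findings = unexpected_destinations(parse_log(text), device_ip,
                                       ipaddress.ip_network(lan_cidr), set(allowed))
    return sorted(findings.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    for (dst, proto, port), n in report(SAMPLE_LOG, "192.168.0.23", "192.168.0.0/24", ["203.0.113.10"]):
        print(f"{dst:<16} {proto:<4} port {port:<5} {n} connection(s) not on the allow-list")
```

Each address the report prints is a candidate for the "IP look-up" step (reverse DNS or a whois query against the address), which is deliberately left out here so the script runs offline. The LAN check uses an explicit network rather than `ip_address.is_private`, because Python also classifies the RFC 5737 documentation ranges as private and that would silently hide the sample's "external" hosts.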